WavPack 5.3.0 has an out-of-bounds write in WavpackPackSamples in pack_utils.c because of an integer overflow in a malloc argument. NOTE: some third-parties claim that there are later "unofficial" releases up to and including 5.3.2, which are also affected.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
wavpack wavpack 5.3.0 |
||
debian debian linux 9.0 |
||
fedoraproject fedora 32 |
||
fedoraproject fedora 33 |